CVE-2008-0506
N/A
N/A
Summary
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.waraxe.us/advisory-65.html
- http://coppermine-gallery.net/forum/index.php?topic=50103.0
- http://www.vupen.com/english/advisories/2008/0367
- http://www.securityfocus.com/bid/27512
- http://secunia.com/advisories/28682
- http://www.securityfocus.com/archive/1/487310/100/200/threaded
- http://www.securitytracker.com/id?1019286
- https://www.exploit-db.com/exploits/5019
References
- http://www.waraxe.us/advisory-65.html
- http://coppermine-gallery.net/forum/index.php?topic=50103.0
- http://www.vupen.com/english/advisories/2008/0367
- http://www.securityfocus.com/bid/27512
- http://secunia.com/advisories/28682
- http://www.securityfocus.com/archive/1/487310/100/200/threaded
- http://www.securitytracker.com/id?1019286
- https://www.exploit-db.com/exploits/5019
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.